OpenAI’s Safety Bug Bounty Program Expands AI Abuse and Integrity Risk Coverage
Summary
Hide ▲
Show ▼
OpenAI introduced a new Safety Bug Bounty program on March 26, 2026, hosted on Bugcrowd, to incentivize researchers to report AI abuse and safety risks in its products. The program targets scenarios such as agentic risks (e.g., prompt injection, data exfiltration, MCP abuse), integrity violations (e.g., bypassing anti-automation controls, evading account restrictions), and proprietary information exposure. It complements OpenAI’s existing Security Bug Bounty, which since April 2023 has rewarded 409 security vulnerabilities.
Timeline
-
26.03.2026 14:20 1 articles · 1h ago
OpenAI’s Safety Bug Bounty Program Launched to Address AI Abuse and Integrity Risks
OpenAI introduced a Safety Bug Bounty program on March 26, 2026, hosted on Bugcrowd, to incentivize researchers to report AI abuse and safety risks in its products. The program targets scenarios such as agentic risks (e.g., prompt injection, data exfiltration, MCP abuse), integrity violations (e.g., bypassing anti-automation controls, evading account restrictions), and proprietary information exposure. It complements OpenAI’s existing Security Bug Bounty, which since April 2023 has rewarded 409 security vulnerabilities.
Show sources
- OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns — www.infosecurity-magazine.com — 26.03.2026 14:20
Information Snippets
-
OpenAI launched a Safety Bug Bounty program on March 26, 2026, hosted on Bugcrowd, to address AI abuse and safety risks.
First reported: 26.03.2026 14:201 source, 1 articleShow sources
- OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns — www.infosecurity-magazine.com — 26.03.2026 14:20
-
The new program focuses on risks such as model context protocol (MCP) abuse, third-party prompt injection, data exfiltration, and disallowed actions at scale, even if they do not qualify as traditional security vulnerabilities.
First reported: 26.03.2026 14:201 source, 1 articleShow sources
- OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns — www.infosecurity-magazine.com — 26.03.2026 14:20
-
Integrity violations involving unauthorized access to features, data, or functionalities should be reported to OpenAI’s Security Bug Bounty instead of the Safety Bug Bounty.
First reported: 26.03.2026 14:201 source, 1 articleShow sources
- OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns — www.infosecurity-magazine.com — 26.03.2026 14:20
-
General content-policy bypasses without clear safety or abuse impact, such as jailbreaks resulting only in rude language or easily searchable information, are explicitly out of scope for rewards.
First reported: 26.03.2026 14:201 source, 1 articleShow sources
- OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns — www.infosecurity-magazine.com — 26.03.2026 14:20
-
OpenAI’s Security Bug Bounty, launched in April 2023, has rewarded 409 security vulnerabilities in its products.
First reported: 26.03.2026 14:201 source, 1 articleShow sources
- OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns — www.infosecurity-magazine.com — 26.03.2026 14:20